The estimate is partly based on market-share projections and a global survey, which found that more than half of respondents, including companies and other industry professionals based outside the U.S., said they would be less likely to use a U.S.-based cloud service in light of Prism. Ten percent said they had already canceled a project with a U.S.-based Internet company as a result, according to the Cloud Security Alliance, the trade group that conducted the survey.

Spying concerns "will likely have an immediate and lasting impact on the competitiveness of the U.S. cloud computing industry if foreign customers decide the risks of storing data with a U.S. company outweigh the benefits," according to the think tank's report. A $21.5 billion or $35 billion loss of revenue would be the equivalent of 10 percent or 20 percent of the estimated market, respectively.

Frank Gillett, an analyst at Forrester Research, said he expects there will be some financial impact as a result of the leaks by NSA contractor Edward Snowden. However, the number of cloud customers that actually jump ship from U.S. providers may be less than the think tank's estimates because relatively few have canceled contracts so far, Gillett said.

"I'd be surprised at anything of that magnitude," Gillett said in an interview. "Those who were already concerned about the U.S. Patriot Act and other types of legal authorities have already avoided the United States, anyway. For them, it wasn't a big surprise."

Companies aren't abandoning U.S. cloud-service providers en masse because there are few other competitive options. Still, the gloomy forecast for American Internet companies could be a ray of sunshine for global competitors.